Earlier this week, Tom Burt, corporate vice president of ‘customer security and trust’ at Microsoft, published a blog post expressing the company’s support towards WhatsApp in its legal battle against the Israeli NSO Group. With this, Microsoft officially joined a league of the world’s most prominent technology companies in fighting cyber mercenaries. The case harks back to the notorious Pegasus hack that ran riot on WhatsApp, targeting journalists and human rights activists on behalf of governments. The term itself seems about right, referring to Tim Maurer’s novel titled Cyber Mercenaries – The State, Hackers and Power.
The intention, hence, is pretty clear – technology companies are sitting up and officially taking note of the present cyber security climate. Organizations like the NSO Group have till date flaunted governmental immunity, stating that it builds specialized and highly sophisticated cyber espionage tools at the request of countries . These tools, in turn, are employed by national governments to hold out strategic cyber warfare on targets. As a result, the NSO Group has so far claimed immunity from legal prosecution, citing its contribution to state-backed cyber operations as classified information. Now, technology majors like the Facebook-owned WhatsApp, alongside Google, Cisco, VMWare and now Microsoft, have joined the fray.
The state of today’s cyber security
Such a move might not end in immediate, direct benefits in prosecuting cyber threat actors, especially those with nation-backed funds and motives. However, it underlines the state of cyber security around the world today. Keeping aside the main privacy problems with Big Tech, cyber threats today exist in consumer apps strewn across Android’s Google Play Store, and in numerous third party websites. These threats include spyware like Pegasus, which frequently deploy zero-click tactics and exploit zero-day vulnerabilities to secretly install on smartphones.
Such attacks then deploy common cyber attack tactics, such as privilege escalation to gain high level access in devices. Such access, like what NSO’s Pegasus took in systems it infiltrated via WhatsApp, would allow these spyware to realize privilege to read a device’s display and bypass standard security processes such as biometric authentication. It then combined these tactics with remote access trojan (RAT) processes to relay key information back to a remote server, which in turn would allow infiltrators to scrape information off unsuspecting users and send sensitive data to attackers.
Beyond the spyware attacks, rampaging ransomware attacks like WannaCry and NotPetya have used a mixture of those tactics to carry critical sectors for mammoth ransom. At the center of the alarmingly growing cyber crime world are nations, and state-backed hackers with deep funds to develop tools that bypass the common layers of cyber security. What makes it all even more alarming is how difficult any of them are to track down, and immunities in the form of national security and national interest that these organizations are afforded.
Valuable amicus curiae to the complainant
It is this cyber security scenario that makes Microsoft’s move particularly relevant. While the businesses haven’t formed a politician consortium, Microsoft’s Burt says that the amicus brief filed by Microsoft, alongside Cisco, GitHub, Google, LinkedIn, VMWare and therefore the Internet Association, aims to place a check on the NSO Group’s “dangerous business model.” In ways, this is able to set precedent in some ways for consumer cyber security.
Burt says, “Private sector companies creating these weapons aren’t subject to equivalent constraints as governments. Many governments with offensive cyber capabilities are subject to international laws, diplomatic consequences and therefore the have to protect their own citizens and economic interests from the indiscriminate use of those weapons. Private actors just like the NSO Group are only incented to stay these vulnerabilities to themselves in order that they can take advantage of them, and therefore the exploits they create are constantly recycled by governments and cybercriminals once they get into the wild.”
It is this that WhatsApp, with ancillary support from the likes of Google and Microsoft, aims to force legal counsel to alter. In essence, what the tech companies are now seeking is regulation of the state-backed cyber operations sectors in nations, and industry experts who News18 spoke to mention that in the end of the day , such moves may help establish international regulations for what national cyber operations and cyber tools may operate under.
As for your personal cyber security, the future impact of the move by Microsoft and other companies can trickle right down to tighter regulations that provide you a legal recourse in fields such as state-sponsored cyber campaigns. It may add an extra layer of security for users to come under. Regulating private sector involvement in national cyber operations would also help in determining clear routes through which malware, spyware and other tools reach the dark web markets. In turn, this would also help detect which tool originated as a nation-state spyware, and which was the willful work of a private organization for commercial gains.